Thông tin tài liệu
Ethical Hacking and
Countermeasures
Version 6
dl
Mo
d
u
l
e XX
V
Cryptography
News
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Source: http://www.informationweek.com/
Scenario
Larry was working on a high-end project. He was expecting a promotion
for his good performance. But he was disappointed to see that the
members of the team whose performances were below par were promoted
while he was ignored. In a fit of rage, he quit his job. He searched for a job
in another company and got a good offer.
While quitting he had decided that he would teach his project manager a
lesson. He used an encryption tool TrueCrypt and encrypted the whole
directory with password protection where he had stored his part of work.
Can the information Larry encrypted be retrieved?
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Module Objective
This module will familiarize you with:
• Cryptography
• Encryption and Decryption
• Cryptographic Algorithms
• RSA (Rivest Shamir Adleman)
• Data Encryption Standard (DES)
• RC4, RC5, RC6, Blowfish
• Message Digest Functions
•
One
way Bash Functions
•
One
-
way Bash Functions
•MD5
•SHA
• Algorithms and Security
•
Government Access to Keys (GAK)
Government Access to Keys (GAK)
• Digital Signature
• Cryptography tools
• Code Breaking: Methodologies
• Cryptanalysis
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
•Cr
yp
to
g
ra
p
h
y
Attacks
• Use Of Cryptography
Module Flow
Message Digest
Functions
Digital Signature
Cryptography
Encryption and
Decryption
One-Way Bash
Functions
Cryptography tools
Cryptographic
Algorithms
Code Breaking
Methodologies
MD5 Algorithm
RSA
SHA Algorithm
Cryptanalysis
Algorithms and
Security
DES
Cryptography Attacks
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
RC4, RC5, RC6,
Blowfish
Government Access to
Keys
Use of Cryptography
Cryptography
Cryptography is an art of writing text or data in secret code
It encrypts the plain text data into unreadable format, which is
called as cipher text
It is based on mathematical algorithms
These algorithms use a secret key for the secure
fi
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
trans
f
ormat
i
on
Cryptography (cont’d)
In cr
yp
to
g
ra
p
h
y
, each
p
erson receives a
p
air of ke
y
s, called the
p
ublic-ke
y
, and the
yp g p y p p y p
y
private-ke
y
h’bl
kblhdhlh
kk
Eac
h
person
’
s pu
bl
ic-
k
ey is pu
bl
is
h
e
d
w
h
i
l
e t
h
e private-
k
ey is
k
ept secret
A
nyone can send a confidential message using public information, but it can only be
decrypted with a private-key that is in the sole possession of the intended recipient
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Classical Cryptographic
Techniques
Techniques
Classical ciphers comprise of two basic components:
• Substitution Cipher
• Transposition Cipher
•
Monoalphabetic
•
Monoalphabetic
• Polyalphabetic
Several of these ciphers are grouped together to form a ‘product
cipher’
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Encryption
Encryption is the process of converting data into a secret code
It is the most effective way to achieve data security
To read an encrypted file you must have access to a secret key or password that enables
To read an encrypted file
,
you must have access to a secret key or password that enables
you to decrypt it
Unencrypted data is called plain text
Encrypted data is referred to as cipher text
DATA
(‘Morpheus’)
Encryption
Encr
yp
ted DATA
(‘3*.,~’@!w9”)
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Key
Encryption (cont’d)
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
[...]... data that has been encrypted into a secret format It requires a secret key or password Public Key Cryptography encryption and decryption is performed with public and private keys EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Cryptographic Algorithms Secret key Cryptography: • It uses a single key for both encryption and decryption processes • Since single... key Cryptography: • It uses a single key for both encryption and decryption processes • Since single key is used for both encryption and decryption , it is also called as Symmetric Encryption Public key Cryptography: • It uses one key for encryption and another for decryption • One key is designated as a p y g public key which is open to p y p public and the other key is y designated as a private key... Reproduction is Strictly Prohibited Message Digest Functions Message digest functions change the information contained in a file, (small or large) into a single large number, typically between 128 and 256 bits in length The best message digest functions combine these mathematical properties Every bit of the message digest function is influenced by the function's input If any given bit of the function's... 56-bit key algorithms offer p y g privacy, but are y vulnerable 64-bit key algorithms are safe today but will be soon threatened as the technology evolves 128-bit and over algorithms are almost unbreakable 256 -bit and above are impossible EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Disk Encryption Disk encryption works similarly to text message encryption... issue is similar to the ability to wiretap phones EC-Council Copyright © by EC-Council All Rights Reserved Reproduction is Strictly Prohibited Digital Signature Digital Signature is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written form Digital signature schemes normally give two algorithms; one for signing which involves the user's . Attacks
• Use Of Cryptography
Module Flow
Message Digest
Functions
Digital Signature
Cryptography
Encryption and
Decryption
One-Way Bash
Functions
Cryptography. Reserved. Reproduction is Strictly Prohibited
Module Objective
This module will familiarize you with:
• Cryptography
• Encryption and Decryption
• Cryptographic
Ngày đăng: 15/03/2014, 15:20
Xem thêm: Module 25 Cryptography pdf, Module 25 Cryptography pdf